
Raul | CompTIA Security+ | Module 1

By: Raul Pop | Related Course: CompTIA Security+ | Published: May 23, 2017 | Modified: May 27, 2017

Firewalls

Firewalls-what they are

Firewalls -what they do

 

Types of firewalls

-packet inspection

-application filtering

-stateful firewalls

 

Internal Network-Firewall-WebServer-Firewall2-Internet

Firewall2-application filtering,packet inspection

 


Network Address Translation

NAT

1) 10 computers cannot communicate with the internet

2) We implement a proxy

3) The proxy processes the packet

4) NAT is a sub-function that controls/delivers a specific address for identification

5) Gives you caching

6) Security


Network Administration Principles

1)Rule base Management

-allow/deny the traffic

 

2)Secure Router Management

-secure routers

 

3)Access Control lists

-determine what users/systems have access

 

4)Port Security

-logical access/physical access

-Implement 802.1X for protection (secure device)

 

5)All types of flood guards

-A.2.1X,

-standalone devices, or devices built into your firewall, that keep your network safe. There are different types of floods: a ping flood, a SYN flood, or other types of floods.

-these are for securing devices against DoS (DDoS)

 

6)Loop Protection

-Spanning Tree Protocol

-Implicit Deny

7)Log analysis

-event logs

-successful logs

-failure logs

-incident logs

-security incident event manager

-unified threat management

 

 


Network Design Elements

1)DMZ(Demilitarized zone)

 

Internal network --> Network --> Firewall <-- WebServer --> Firewall --> Internet (Public)

 

2)Remote Access

-VPN

-Authentication

 

3)Telephony

-Desk phones

-VOIP

-Voice encryption

-War dialing

 

4)NAC(Network Access Control)

 

Remediation Server

 

Health check Server(Baseline)

Domain Controller

User PC (if the PC doesn't meet the requirements, it is directed to the Remediation Server)

 

5) Virtualization

1)One System

2) Multi Boot Systems

3)Virtualization->Host PC->Hypervisor->Install many systems (virtual machines)

The hypervisor uses the internal processor, RAM, ports, hardware

Hypervisor

-Microsoft Virtual PC

-Windows Virtual PC

-Hyper-V

-VirtualBox

-VMware

-VM Fusion

-Security Problem

Secure your host machine or secure the entire hypervisor (virtual machine).

Resource->BIOS Configuration->Padlock->Door Lock->CCTV->Physical (Guards)

 

 

 


Protocols and their Port

BEGIN S (Security)=SSH

END S (Secure)=SSL

 

1)SSH-Security Shell

-secures packets, protocols, messages that move across the internet. It's like you put a shell around your messages

-port 22

 

2)SSL-Secure socket layer

-end to end security across the internet

-443

 

3)FTP-File Transfer Protocol

-transfer file to network

-21

-unsecure

-transmission in plaintext

4)SSH+FTP=SFTP(22)

5)CP-Copy Protocol

6)SSH+FTP=SCP(22)

 

7)HTTP-Hypertext transfer protocol

-navigate to internet

-port is 80

8)HTTP+SSL=HTTPS (port 443)

9)TFTP-Trivial File Transfer Protocol 69

-we send and receive files through the network

10)RDP-Remote Desktop Protocol

-Port 3389

11)Telnet

-port 23

12)SNMP-Simple Network Management Protocol

-we gather configuration parameters from devices through the network

-monitor device performance

-port 160,161,162

 

13)SMTP-Simple Mail Transfer Protocol

-protocol allows email to move from one server to another server

-port number 25

 

14)DNS-Domain Name Service

-port 53

-name resolution across the internet

15)POP3-Post office protocol

-we retrieve email from the server and delete it from the server

-port 110

16)IMAP-Internet Message Access Protocol

-search for specific messages

-can archive emails

-port 143

 

17)ICMP- Internet Control Message Protocol

-ping command

-ping floods can be used for attacks

-ping sometimes can be blocked by someone

 

 

 

 

 


Proxies

Proxies are devices or servers:

-Forwarding Proxies

-Reverse Proxies

10 Computers(Private Network)–>Proxy(Public Address)–>Internet

Private addresses are converted to a public address (Network Address Translation (NAT))

Benefits:

-Multiple computers

-10 private address-1 public address

-Caching

-offers some security (bad guys see the proxy server, not the internal servers)
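
The many-to-one translation described above, sketched as an added example (not part of the original notes): a toy port address translation table in which ten private hosts share one public address and an unsolicited inbound packet finds no mapping. The class name, the documentation-range addresses and the starting port are assumptions.

```python
import itertools

class PatTable:
    """Toy NAT (port address translation) table; hypothetical, for illustration."""

    def __init__(self, public_ip, first_port=40000):
        self.public_ip = public_ip
        self._next_port = itertools.count(first_port)
        self._out = {}    # (private_ip, private_port, dst) -> public_port
        self._back = {}   # (public_port, dst) -> (private_ip, private_port)

    def outbound(self, src_ip, src_port, dst):
        """Rewrite a private source to the shared public address."""
        key = (src_ip, src_port, dst)
        if key not in self._out:
            port = next(self._next_port)
            self._out[key] = port
            self._back[(port, dst)] = (src_ip, src_port)
        return (self.public_ip, self._out[key])

    def inbound(self, src, public_port):
        """Map a reply back to the private host; None means the packet is dropped."""
        return self._back.get((public_port, src))


def demo():
    nat = PatTable("203.0.113.5")                       # constructed public address
    server = ("198.51.100.7", 443)                      # constructed destination
    hosts = [f"192.168.10.{n}" for n in range(1, 11)]   # the 10 computers
    seen = [nat.outbound(h, 50000, server) for h in hosts]
    reply_to = nat.inbound(server, seen[3][1])          # genuine reply from the server
    # Same public port, but from a source no inside host ever contacted.
    unsolicited = nat.inbound(("192.0.2.99", 4444), seen[3][1])
    return seen, reply_to, unsolicited


if __name__ == "__main__":
    seen, reply_to, unsolicited = demo()
    print("public addresses seen by server:", {ip for ip, _ in seen})
    print("reply delivered to:", reply_to)
    print("unsolicited packet:", unsolicited)
```
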


Reverse proxy

PC USER   –>  Reverse Proxy–>  Webserver

if the traffic is legitimate, it is allowed through to the web server

if it is malicious, it will be blocked

out coming traffic inspection

reverse proxies are set up to defend web servers


Subnet mask

Subnet mask

192.168.10.150

255.255.255.0

is a CLASS C!

 

192.168.10.0

0.0.0.150 (HOST ID)

-network portion of the name

-the host portion of the name

 

class A  255.0.0.0

class B 255.255.0.0

class C 255.255.255.0

The 255 is network portion

The 0 is host portion

 


Subnetting

192.168.1.10/27

255.255.255.0

                 24       0 0 0 0 0 0 0 0

delete 3 zeros from left

2^n(n=bits)

2^3=8 subnets

2^n-2

2^3-2=32-2=30

Network id       1st valid       broadcast       last valid

192.168.1.0      192.168.1.1     192.168.1.31    192.168.1.30

192.168.1.32     1.33            .63             .62

192.168.1.64     1.65            .95             .94

192.168.1.96     1.97            .127            .126

192.168.1.128    1.161           .154            .158

192.168.1.168    1.193           .244            .190

192.168.1.192    1.225           .255            .223

192.168.1.224

 

 

 

 

 

 

1 1 1 1 1 1 1 1

128 64 32 16 8 4 2 1
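
The /27 exercise above, worked in code as an added example (not part of the original notes): it borrows 3 bits from a /24, builds the last mask octet from the bit values, and lists the network ID, first and last valid host and broadcast of every subnet. It uses Python's standard `ipaddress` module; the function name and the assumption that the parent network is a /24 are mine.

```python
import ipaddress

BIT_VALUES = [128, 64, 32, 16, 8, 4, 2, 1]   # place values of one octet

def subnet_plan(host_cidr, parent_prefix=24):
    """Split the parent network into subnets of the host's prefix length.

    Assumes a /24 parent, so all borrowed bits sit in the last octet.
    """
    iface = ipaddress.ip_interface(host_cidr)
    prefix = iface.network.prefixlen
    borrowed = prefix - parent_prefix          # host bits turned into network bits
    host_bits = 32 - prefix                    # bits still left for hosts
    parent = ipaddress.ip_network(f"{iface.ip}/{parent_prefix}", strict=False)
    rows = []
    for net in parent.subnets(new_prefix=prefix):
        rows.append({
            "network": str(net.network_address),
            "first": str(net.network_address + 1),
            "last": str(net.broadcast_address - 1),
            "broadcast": str(net.broadcast_address),
            "contains_host": iface.ip in net,
        })
    return {
        "last_octet_mask": sum(BIT_VALUES[:borrowed]),   # 128 + 64 + 32 for 3 bits
        "mask": str(iface.netmask),
        "subnets": 2 ** borrowed,
        "hosts_per_subnet": 2 ** host_bits - 2,          # minus network and broadcast
        "rows": rows,
    }


if __name__ == "__main__":
    plan = subnet_plan("192.168.1.10/27")
    print(plan["mask"], plan["subnets"], "subnets,",
          plan["hosts_per_subnet"], "hosts each")
    for r in plan["rows"]:
        mark = "  <- 192.168.1.10 is here" if r["contains_host"] else ""
        print(r["network"], r["first"], r["last"], r["broadcast"], mark)
```
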


TCP/IP

Transmission Control Protocol

-Connection oriented

-Proper sequencing

-Sliding window

-Guaranteed Delivery

 

Internet Protocol

-Logical addressing

-IPv4

-IPv6

 

IPv4

-32 bit address

-expressed in decimal

-4 octets

-each octet is 8 bits

-separated by periods

192.168.10.150

 

A=1->126

B=128->191

C=192->223

E=127.0.0.1 Test IP

 

Private IP

A =10.0.0.0->10.255.255.255

B =172.16.0.0->172.16.255.255

C =192.168.0.0->192.168.255.255

 

Manual Method->Static IP

-very slow for many systems

-prone to errors

 

Automatic Method->Dynamic IP

-very fast

-DHCP (Dynamic Host Configuration Protocol) installed on server

-DHCP Scope (a range, leased out)

-Reservation: based on MAC address, you can get a specific IP configured by DHCP

-APIPA(169.254.0.1->169.254.255.255)

Automated Private IP address

 

IPv6

-128 bit

-hexadecimals

-8 quartets

-punctuated by colon signs

 

2001:0db8:85a3:0000:0000:8a2e:0370:7334

If a group starts with zeros, you can shorten it

2001:db8:85a3:0:0:8a2e:370:7334

2001:db8:85a3::8a2e:370:7334

-MANUAL

-AUTOMATIC (DHCP v6)

 


VPN Concentrators

Internal Network–>VPN Concentrator–>Internet(VPN—-Remote users)

-process/robust device

-encrypts/decrypts the packets

-facilitates decryption of the traffic going to the internal network, and encryption of the traffic going to the internet


Wireless Access Point

Wireless Access Point

1)Antenna Placement

-Do site survey(formal,informal)

 

2)Default

-SSID,Admin ID,Password(change them)

3)SSID

-Default is enabled

-Disable SSID Broadcast

 

4)Use Password

 

5)Wardriving

 

6)Chalk marks (warchalking)

 

7)Access Control

-Mac Filtering

 

8)Encryption

-WEP-RC4

-WPA-TKIP

-WPA2-AES/CCMP

 

9)Signal Speed

-increase/decrease

-Power level control


Wireless Access Point 2

Wireless Access Point

-Antenna Placement

site survey

 

-Change the settings

ssid,account name,password

 

-ssid

service set identifier

enable broadcast

disable broadcast

 

-Power level controls

increase or decrease

spread the signal

 

-Mac Filtering

 

-Captive Portals

 

-Encryption

WEP-RC4

WPA-TKIP

-WPA2-AES/CCMP

